Be Smart: Why You Should Never Forget to Bring In the Auditors
Crypto has a problem with security. What’s new, it always has, I hear you say. Yes, it’s a longstanding issue and you would be forgiven for thinking that the brilliant minds that brought blockchain technology to the world would by now have given us systems to keep the coins and tokens on exchanges and in our wallets safe.
Even the safest of the safe – hardware wallets – have had their problems of late with man in the middle attacks a theoretical possibility on the popular Nano Ledger.
Some might say that it is more a case of stupid humans that it is dumb technology but that misses the point. As Steve Jobs might have said, tech is only good if the humans intuitively know how to use it. In other words, technology, be it software or hardware, is at its best when designed for optimal interaction with human beings. From the standpoint of how to fix crypto’s security mess, that’s an important starting pint more readily illustrated with reference to some real world calamities of recent times.
Coincheck was a Hack Waiting to Happen
Let’s start with Coincheck. You may not have heard of this exchange before January this year when it was taken to the cleaners by hackers who were able to empty the XEM token hot wallet on the Japanese exchange, to the tune of $534 million.
Exchanges need to use wallets that are connected to the internet in order to facilitate trading – they need to have enough liquidity on hand to enable trades to be made in both directions (buying and selling). What was particularly shocking about the Coincheck case is that the technology already exists that would have made access to the XEM wallet more secure.
For example, multi-sig functionality could have been put in place requiring digital signing by at least two parties before funds could be moved out of the wallet. Also, the XEM tokens – the native token of the New Economy Movement (NEM) – could have been held in multiple wallets containing smaller amounts of XEM instead there being all stored in one wallet and thereby creating a single point of failure.
Additionally, triggers could have been built into the exchange’s software systems that alerted operations managers to any unusual fund movements. Incredibly, Coincheck only discovered that the XEM tokens had been stolen eight hours after the incident took place.
All these “extra” measures may have required more resource from the exchange but that is surely a cost of doing business. In retrospect, cutting corners on security or even worse perhaps, a lack of awareness of the risks entailed in the adoption of badly written code or weak security processes, can be the most expensive mistake a hacked crypto business ever made.
Learning Lessons From Parity
Another example that should send shivers down the spine of those whose duty it is to secure crypto assets is the Parity wallet fiasco.
Here we had a wallet business that let buggy code out into the wild. In November Parity informed users of its wallets created after 20 July, 2017, that the funds were “accidentally frozen.”
This was not the result of a bad actor beyond the bounds of the company but of badly written code from one of its own developers. And the 20 July date is significant because that was when the wallet code had to be updated to remove an earlier vulnerability (yes, this is the second major security blunder by Parity) stemming from the way multi-sig was implemented.
Yep, that’s right, Parity uses the multi-sig approach that could have saved Coincheck a lot of money (or rather, their clients’ money), yet it still failed to secure customer funds as in the July 2017 breach, or to guarantee access to stored funds, as in the November disaster.
There is a way a lot of this trauma could have been avoided and it comes down to a single word: audit.
Bringing in a Smart Contract Auditor is a Must
There are reputable companies with proven track records that audit software for a living. Among those companies gaining a reputation for excellence is hosho, and it’s successfully positioning itself as a global leader in blockchain security.
The centrality of writing secure and efficient code and hosting it on secure websites is particularly critical for blockchain projects running initial coin offerings (ICOs) to raise funds from crypto investors. And it continues to be a surprise that many projects treat an audit as an afterthought. Audits should really be mandatory but the industry does not have any regulations or standards, self-enforcing or otherwise, to make sure this happens.
However, a good company should really not need telling. Going back to Parity, it is worth mentioning that it did enlist the services of an auditor but then subsequently changed the code and introduced the error that led to wallet users’ funds being frozen.
Writing poorly designed code is especially a problem with Solidity, the programming language for building smart contracts and decentralized apps on the Ethereum blockchain. That’s unfortunate because Ethereum is the most popular blockchain platform and is often used for ICOs. Consensys helps businesses to get up and running on the Ethereum blockchain can help avoid common mistakes but that does not mean that projects can dispense with the need to hire its own dedicated auditor.
The vulnerability in the Parity wallet that led to losses for Edgeless Casino, Swarm City and Aeternity in July was down to the poor design of the “init” code for the wallet. Init is short for initialization and is the part in the code flow where the “object” gets born. Parity had not defined the scope of the init, which meant it was possible for hackers to become the “owners” of smart contracts. That’s the sort of schoolboy error that any auditor worth its salt would have spotted straight off the bat.
A Necessity not a Luxury
Those conducting tokens sales would do well to look to auditors such as hosho. It doesn’t just check the contract code but also concerns itself with matters such as the security of the websites being used to host the wallets taking in the contributions for ICOs for example. Penetration testing is essential for such websites. Remember, around ten percent of ICO funds are diverted to wallets controlled of criminal hackers, which equates to losses of about $400 million.
And at the code level, to make sure you are getting your money’s worth and can track what code has been changed, every stage of version control should include GPG signature verification, another default service from hosho.
A token sale appearing on listings sites such as TokenMarket or Smith+Crown that can show that it has been security audited is increasingly a sure way to differentiate the quality offerings from the trash; it’s a business cost that should be treated as a necessity not a luxury.
Disclaimer: This is paid content. BTCManager does not endorse any content or product on this page. While we aim at providing you all important information that we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor this article can be considered as investment advice. BTCManager and its employes are not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in the press release.